IOC Report
https://ejcasino55.com/


Files

| File Path | Type | Category | Malicious |
| --- | --- | --- | --- |
| C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping4624_2049801999\LICENSE | ASCII text | dropped | |
| C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping4624_2049801999\_metadata\verified_contents.json | JSON data | dropped | |
| C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping4624_2049801999\manifest.fingerprint | ASCII text, with no line terminators | dropped | |
| C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping4624_2049801999\manifest.json | JSON data | dropped | |
| C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping4624_2049801999\sets.json | JSON data | dropped | |
| Chrome Cache Entry: 142 | Unicode text, UTF-8 text, with very long lines (61434), with no line terminators | dropped | |
| Chrome Cache Entry: 143 | ASCII text, with very long lines (15844) | downloaded | |
| Chrome Cache Entry: 144 | ISO Media, AVIF Image | dropped | |
| Chrome Cache Entry: 145 | ASCII text, with very long lines (49358), with no line terminators | downloaded | |
| Chrome Cache Entry: 146 | Unicode text, UTF-8 text, with very long lines (65534), with no line terminators | downloaded | |
| Chrome Cache Entry: 147 | ASCII text, with very long lines (1614), with no line terminators | dropped | |
| Chrome Cache Entry: 148 | Unicode text, UTF-8 text, with very long lines (65373), with no line terminators | dropped | |
| Chrome Cache Entry: 149 | MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel | downloaded | |
| Chrome Cache Entry: 150 | ASCII text, with very long lines (65536), with no line terminators | downloaded | |
| Chrome Cache Entry: 151 | ASCII text, with very long lines (65442) | dropped | |
| Chrome Cache Entry: 152 | ASCII text, with very long lines (65536), with no line terminators | dropped | |
| Chrome Cache Entry: 153 | HTML document, Unicode text, UTF-8 text, with very long lines (32095), with no line terminators | downloaded | |
| Chrome Cache Entry: 154 | ASCII text, with very long lines (65536), with no line terminators | dropped | |
| Chrome Cache Entry: 155 | ISO Media, AVIF Image | downloaded | |
| Chrome Cache Entry: 156 | ASCII text, with very long lines (65536), with no line terminators | downloaded | |
| Chrome Cache Entry: 157 | MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel | dropped | |
| Chrome Cache Entry: 158 | ASCII text, with very long lines (65442) | downloaded | |
| Chrome Cache Entry: 159 | ASCII text, with very long lines (65536), with no line terminators | downloaded | |
| Chrome Cache Entry: 160 | Unicode text, UTF-8 text, with very long lines (61434), with no line terminators | downloaded | |
| Chrome Cache Entry: 161 | Unicode text, UTF-8 text, with very long lines (65513), with no line terminators | downloaded | |
| Chrome Cache Entry: 162 | ASCII text, with very long lines (65452) | downloaded | |
| Chrome Cache Entry: 163 | ASCII text, with very long lines (57398), with no line terminators | downloaded | |
| Chrome Cache Entry: 164 | ASCII text, with very long lines (65536), with no line terminators | dropped | |
| Chrome Cache Entry: 165 | ASCII text, with very long lines (65452) | dropped | |
| Chrome Cache Entry: 166 | HTML document, Unicode text, UTF-8 text, with very long lines (1580) | downloaded | |
| Chrome Cache Entry: 167 | ASCII text, with very long lines (65452) | dropped | |
| Chrome Cache Entry: 168 | ASCII text, with very long lines (65442) | dropped | |
| Chrome Cache Entry: 169 | Unicode text, UTF-8 text, with very long lines (65534), with no line terminators | dropped | |
| Chrome Cache Entry: 170 | ASCII text, with very long lines (49358), with no line terminators | dropped | |
| Chrome Cache Entry: 171 | Unicode text, UTF-8 text, with very long lines (65513), with no line terminators | dropped | |
| Chrome Cache Entry: 172 | ASCII text, with very long lines (1614), with no line terminators | downloaded | |
| Chrome Cache Entry: 173 | Unicode text, UTF-8 text, with very long lines (65373), with no line terminators | downloaded | |
| Chrome Cache Entry: 174 | ASCII text, with very long lines (65442) | downloaded | |
| Chrome Cache Entry: 175 | ASCII text, with very long lines (65536), with no line terminators | downloaded | |
| Chrome Cache Entry: 176 | ASCII text, with very long lines (65442) | downloaded | |
| Chrome Cache Entry: 177 | ASCII text, with very long lines (65536), with no line terminators | downloaded | |
| Chrome Cache Entry: 178 | ASCII text, with very long lines (65452) | downloaded | |

Processes

| Path | Cmdline | Malicious |
| --- | --- | --- |
| C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" | |
| C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2272 --field-trial-handle=2216,i,17591315597465460059,14425427661340701996,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 | |
| C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://ejcasino55.com/" | |

URLs


Domains

| Name | IP | Malicious |
| --- | --- | --- |
| s-part-0036.t-0009.t-msedge.net | 13.107.246.64 | |
| d12il0o6vjxtki.cloudfront.net | 18.239.50.98 | |
| www.google.com | 216.58.206.68 | |
| d3tq7eru1g8hkc.cloudfront.net | 13.33.187.92 | |
| fp2e7a.wpc.phicdn.net | 192.229.221.95 | |
| ejcasino55.com | 13.33.187.70 | |
| pubusppp.c1oudfront.com | unknown | |
| cdntoos.ejcasino88.com | unknown | |

IPs

| IP | Domain | Country | Malicious |
| --- | --- | --- | --- |
| 18.239.50.98 | d12il0o6vjxtki.cloudfront.net | United States | |
| 192.168.2.4 | unknown | unknown | |
| 192.168.2.6 | unknown | unknown | |
| 216.58.206.68 | www.google.com | United States | |
| 192.168.2.5 | unknown | unknown | |
| 13.33.187.70 | ejcasino55.com | United States | |
| 13.33.187.92 | d3tq7eru1g8hkc.cloudfront.net | United States | |
| 239.255.255.250 | unknown | Reserved | |
| 18.66.147.110 | unknown | United States | |

DOM / HTML

| URL | Malicious |
| --- | --- |
| https://ejcasino55.com/ | |